AMERICAN CIVIL

LIBERTIES UNION OF

WASHINGTON

FOUNDATION

901 5TH AVENUE, SUITE 630

SEATTLE, WA 98164

T/206.624.2184

WWW.ACLU-WA.ORG

REGULATING SURVEILLANCE TECHNOLOGY:

A TOOLKIT FOR LAWMAKERS

Table of Contents OVERVIEW ................................................................................................................................................. 1

THINGS TO CONSIDER BEFORE ACQUIRING SURVEILLANCE EQUIPMENT .............................. 2

HOW AN ORDINANCE CAN HELP ......................................................................................................... 5

A SUMMARY OF THE ORDINANCE ....................................................................................................... 7

STEPS FOR GETTING THE ORDINANCE PASSED ............................................................................... 8

THE MODEL ORDINANCE ....................................................................................................................... 9

APPENDIX A ................................................................................................................................................ i

1

OVERVIEW

Spurred partly by federal government grants, many local agencies are interested in acquiring and

employing new surveillance equipment. While technological advances provide many new capabilities to

government, they also have the ability to significantly infringe on privacy and freedom of association

rights.

But too often, the impact of surveillance equipment on a community is not fully evaluated before it is put

into use. Surveillance equipment can be expensive, and its pros and cons need to be weighed carefully. A

formal review and approval process prior to the acquisition and use of new surveillance equipment is

essential. It can help to determine whether the technology is indeed necessary and whether its use will

promote public safety without unduly compromising privacy or causing other problems.

Government departments should be required to obtain approval from their local legislative body before

acquiring new surveillance equipment. To that end, we are providing a model ordinance that requires

departments to specify the equipment they wish to acquire and justify its need, along with protocols

governing how the equipment will be used, how data will be collected, retained and accessed, and how

privacy will be protected.

This toolkit provides lawmakers with the tools they’ll need when considering whether to acquire and use

surveillance equipment. The toolkit flags issues that should be explored and presents an easy process to

evaluate the ramifications of new technologies.

2

THINGS TO CONSIDER BEFORE ACQUIRING SURVEILLANCE EQUIPMENT

New Technology Can Appear Attractive

Surveillance equipment often appears to be an attractive option for government officials concerned about

public safety. Many new technologies can easily capture significant amounts of data, and this

information is seen as useful for coping with criminal activity.

BUT Decision-making Should Consider the Complete Picture. A department and elected officials

should fully evaluate the actual impact of the equipment and consider the best way to use it. Below we

highlight key considerations. Some factors may not be relevant for every piece of technology, and some

concerns can be easily addressed with good policy or technology solutions. But it’s essential that

government leaders look carefully at the full picture before investing in new surveillance devices.

Factors and Concerns for Consideration

Complete Cost. New technology often comes with a hefty price tag. It’s important to be sure the

benefits will outweigh the financial cost. Beyond the initial purchase price, there likely will be

significant, ongoing personnel costs and technology expenses to use and maintain the equipment

over time.

Effectiveness. Will proposed technology actually address the problem at hand? Simply having

the ability to capture lots of data does not necessarily mean that criminals will be easier to

identify or that crime will be reduced. In some cases, a huge influx of information actually can

make it harder to find the truly critical pieces of information. In other cases, the environment in

which it is deployed can make even the most advanced equipment less effective than expected.

Some cases in point:

o Seattle. In 2008 surveillance cameras were put up in Cal Anderson Park in Seattle in

order to address complaints about drug dealing, vandalism and other illegal activity. An

audit of the system in 2009 showed that the cameras had not deterred crime in the park

and that police had only used the video footage for one criminal investigation.1 The

$850,000 camera system was removed shortly after the audit report proved the

investment an expensive waste of valuable public funds.

o San Francisco. A network of cameras installed around San Francisco’s public housing

developments proved ineffective at aiding in homicide investigations even though

approximately one quarter of the city’s homicides occurred around public housing.

Reasons offered for why the system failed included that the cameras just displaced

criminal activity rather than deterring it, and that camera positioning and functionality at

night when most crime occurred was not ideal for capturing valuable footage.2

1 Seattle Office of the City Auditor, Cal Anderson Park: Surveillance Camera Pilot Program Evaluation, October 26,

2009, available at http://www.seattle.gov/audit/docs/2009Oct_SurveillanceCamerasHighlights.pdf 2 Heather Knight, S.F. public housing cameras no help in homicide arrests, SF Gate, August 14, 2007, available at

http://www.sfgate.com/news/article/S-F-public-housing-cameras-no-help-in-homicide-2510907.php%23page-1#page-1

3

o Philadelphia. A Temple University study of the CCTV camera system employed by the

City of the Philadelphia found that the cameras were only effective at decreasing crime

rates and aiding in investigations in certain areas of the city.3 The report highlighted that

surveillance cameras were therefore not the most effective security measure to address

crime universally throughout the city.

Privacy Concerns. New technology allows the government to collect types and quantities of data

that were once difficult to gather. While camera proponents may assert that people have a limited

right to privacy when in public, individuals typically consider their everyday routines as their

own business. Yet new technology enables government to collect information that gives a much

more detailed picture of people’s lives – where they go, what they do, with whom they associate.

It’s important to consider whether a new piece of equipment allows a new form of tracking that

compromises personal privacy. Will use of the technology be problematic for innocent people

whose actions it records?

System Misuse. Equipment that monitors and collects information about the general public can

always be misused by individuals who employ it. People with access to the data may use it for

personal reasons, like tracking an ex-lover or work rival, or to engage in voyeurism. In the

United Kingdom for instance, CCTV operators have misused the public camera system to spy on

women.4 The systems may also be abused to discriminate by targeting certain racial or ethnic

groups. A British study found that operators of surveillance cameras in the UK trained the

cameras to follow black males at disproportionately high rates.

Hacking Threats. Digital systems are targets for criminal hackers. Systems that collect and store

information on members of the public are a treasure trove for wrongdoers seeking to engage in

identity theft and other crimes. In addition, when devices are operated remotely, hackers may be

able to break into the communication system and take control of the devices. Last year,

researchers at the University of Texas demonstrated that they could successfully hijack a drone

and give it new flight commands.5

Erosion of Community Trust. Understandably, members of the public often react strongly when

they learn that new surveillance technologies are in use, especially when there is no advance

notice or opportunity to comment. Responses are especially vocal when surveillance technology

is used to monitor and record activities that people consider private. This public backlash can

lead to erosion of public support for or even distrust in law enforcement. Seattle experienced

such a backlash when cameras were installed along Alki Beach in West Seattle without public

notice or input. Community residents were outraged when they noticed the cameras and learned

3 Jerry Ratcliffe & Travis Tanguchi, CCTV Camera Evaluation, Temple University, February 7, 2008, available at

http://www.temple.edu/cj/misc/PhilaCCTV.pdf 4 BBC News, Peeping tom CCTV worker jailed, January 13, 2006, available at

http://news.bbc.co.uk/2/hi/uk_news/england/merseyside/4609746.stm 5 Lorenzo Franceschi-Bicchierai. GPS Hijacking Catches Feds, Drone Makers Off Guard, Wired, July 19, 2012,

available at http://www.wired.com/dangerroom/2012/07/drone-gps-spoof/all/

4

that these could be positioned to view into private residences. City officials had to halt plans to

activate the cameras until guidelines are developed to address the privacy concerns.

Surveillance Data Is Available as Public Records. Data collected by digital devices operated by

government agencies is subject to disclosure under public records laws. This means that, subject

to certain statutory exceptions, any member of the public can seek to review the surveillance

records and logs. The information collected can be personal or sensitive. Public access can lead

to many unintended uses, such as by attorneys desirous of evidence for divorce cases or stalkers

eager for more information about their targets.

Conflicts with State Law. State law frequently sets limits on types of information that can be

collected or how certain types of information must be handled. In addition there are also state

regulations about how and where some information can be collected. The use of new technology

can conflict with these regulations and often the state restrictions are not thoroughly considered

before new equipment is acquired.

Many Concerns Can Be Addressed with Good Planning and a Public Review Process

When concerns are flagged during a public review process, there is a chance to address them. Problems

can be fixed either through technological adjustments, internal policies and training, or it may be

determined that acquisition of the technology is not justified.

Technological Fixes. Many systems can be modified or designed to assist with or restrict certain

uses or activities. For example, system security can be bulked up to help prevent hacking.

Auditing measures can be built in to help track who uses the equipment and how they use it.

Finally, privacy settings can be added to help blur or limit data order to reduce the collection of

personal or sensitive information.

Policy Guidelines. Departments should develop thorough policies that outline how surveillance

equipment may be used, who has access to the data and for what purposes, and how information

will be securely retained, stored and deleted. Equipment users should be trained on how the

equipment works and what the use policies are. And there should be remedies in place for policy

violations.

Is It Really Necessary? Considering that surveillance technology by its very nature collects

extensive information about individuals, is there truly a strong public benefit that justifies its

acquisition?

5

HOW AN ORDINANCE CAN HELP

As new equipment becomes available, there should be a process in place to think through the costs and

benefits and to address concerns – before public money is spent. A way to guarantee this happens is an

ordinance, one requiring departments to create use protocols and obtain approval before purchasing and

using new surveillance devices. While government departments certainly do internal reviews and analysis

before they buy new technology, a public approval process adds important checks and balances.

A review process is valuable to accomplish the following:

Increase Oversight of Government Surveillance

When the government will monitor members of the public, the surveillance program should be reviewed

to see if it is necessary, effective and legal. A review process ensures that there is a real need for the new

technology and that it will be used in a way that actually improves community safety. Indeed, a formal

public review done by a separate government body is a vital step in any democratic process. Its aims are

to:

Ensure the value of the equipment has been fully considered. A review process can force

government departments to think critically about what they hope to gain from the equipment, how

the equipment can best be used, and whether the anticipated benefits will justify the costs.

Confirm the proposed uses are legal. Checks and balances should be in place to ensure that the

new equipment will be used legally. Creating use plans in advance can help identify ways the

proposed technology use may violate laws protecting privacy or freedom of speech and

association.

Consider the impact on civil liberties. It is also valuable to have the proposal reviewed by a non-

law enforcement body that can neutrally assess whether the technology poses any risks for civil

liberties.

Provide Notice to the Public and Gain Valuable Input

Communication with the public is important. Members of public have a right to know about new

equipment, and in turn they may have information that is valuable for the government.

Provide notice to the public. When government departments have to announce publicly that they

are seeking to acquire new surveillance equipment and have to justify its need and provide use

protocols, community members can contribute meaningfully to policy discussions.

Increase trust in government. When government is transparent about its actions, people have a

greater sense of trust. People resent their government keeping secrets from them, particularly

when those secrets involve collection of personal information.

Use community members as resources. Many members of the community have technological

expertise and may have useful ideas that could improve the use plans for the new equipment. For

example, a community member may know of a better way to encrypt sensitive data, or he may be

able to propose valuable use protocols that the department had not incorporated.

6

Clarify uncertainties in advance. Unless carefully crafted, the language of protocols can be

subject to differing interpretations. Public input can help identify unclear wording, allowing the

government to clarify or adjust the protocols.

Identify Privacy Concerns in Advance

When impacts on privacy are considered before a new piece of equipment is used, many problems can be

addressed. And privacy concerns that cannot be adequately addressed with planning and policies need to

be identified, so that the need for acquisition can be reconsidered.

Identify problems in advance. While proponents of new technology may assert that its use will

not be problematic, government leaders should carefully consider how it is likely to work in

practice. Consider the following:

o Will the technology collect information from places or situations that people typically

think of as private?

o Does the technology allow the government to collect information that was previously

very difficult to collect?

o Is an entirely new type of information being collected?

o Can more information be collected and stored than was previously possible?

o Does the technology allow the government to combine or analyze data in a way that

reveals more personal or sensitive information?

Come up with ways to address those concerns if possible. Asking government agencies to think

about how they plan to use new technology before it is acquired and used can allow time to craft

workable solutions.

o Create basic procedures about permitted uses of the technology, how the information will

be stored, and who will have access to the data.

o If good solutions cannot be found, limit the specific uses that will violate civil liberties or

restrict the use of the equipment completely.

Identify the Chilling Effects on Speech and Association

New surveillance technologies can allow the government to gather a lot of information about our

activities and associations which can have a chilling effect on speech. This is a significant impact that

should be addressed before any equipment is acquired and put into use.

Identify whether the technology can interfere with freedom of speech and association. Many

new pieces of technology collect large volumes of data which seem innocuous in isolation but can

create vivid pictures of our lives when combined. It’s valuable to identify those capabilities in

advance and consider the impact they have on our freedom of speech and association. For

example, can the technology capture information that reveals personal relationships or

organizational memberships?

Figure out ways to minimize problems, if possible. Some speech concerns can be addressed with

use, retention and access policies. For example, a policy that provides for regular deletion of

information that does not indicate criminal activity could minimize information about personal

associations held by the government. If good solutions cannot be found, limit the specific uses

that will violate civil liberties or restrict the use of the equipment completely.

7

A SUMMARY OF THE ORDINANCE

Below is a brief summary of the key components of the model ordinance.

Prior Approval of the Acquisition and Use of Surveillance Equipment and Services

The ordinance requires that government departments receive approval before purchasing new surveillance

equipment or before entering into contracts with third parties to provide surveillance services. The

ordinance also requires that departments receive approval when they want to use currently owned

surveillance equipment in new ways that will provide additional surveillance data. Finally, the ordinance

recognizes that updates may be available to currently owned pieces of electronic equipment that would

provide surveillance capabilities not previously available to a department. In such circumstances, the

department would need prior approval to use the new surveillance capabilities.

Development of Rules and Regulations about Equipment Use and Data Storage

As part of the approval process, a department must submit a set of “operational protocols” and a set of

“data management protocols” for council review and approval.

Operational protocols are a set of procedures that will govern how and when the equipment will be used.

The operational protocols will include information such as what the purpose of the equipment is, who will

be able to operate and access the equipment, where the equipment may be used, and what the standards

for use will be.

Data management protocols are a set of procedures that will govern how the data collected by the

equipment will be retained, stored, index, accessed and deleted. The data management protocols will

include specific information regarding who may access the data and how their access will be tracked, as

well as how the information will be secured and deleted to reduce privacy risks.

Public Reporting about the Approval Process

Annually, the council will issue a public report that discloses basic information about how the approval

process was used during the year. The report will include information about how many proposals were

reviewed throughout the year, as well as how frequently the council approved or denied department

requests.

8

STEPS FOR GETTING THE ORDINANCE PASSED

If you are interested in having an ordinance passed in your jurisdiction, you may want to do one or more

of the following:

Take stock. Determine what types of surveillance equipment are currently used in your

community and what technology law enforcement is interested in acquiring. (See Appendix A for

a list of some surveillance equipment currently available.) This list will help you identify whether

you have an immediate need in your community for an ordinance. You also may want to generate

a list of surveillance technologies used in surrounding communities. Such a list can highlight the

types of issues you may have to deal with in the future. Potential problems may be just as

powerful motivators as ongoing issues. In most cases it would be better to have an ordinance in

place before issues arise so that you have the tools available to manage the situation.

Reach out to colleagues. Meet with other councilmembers and share this toolkit with them.

Determine what will be needed to gain support for the ordinance’s passage.

Contact the ACLU of Washington. Reach out to staff at the ACLU of Washington. We may be

able to offer you support or advice about introducing and advocating for the passage of the

ordinance.

Find community allies. Seek allies in the community who will support and advocate for the

ordinance. Identify community organizations, leaders or activists who do work on privacy,

government transparency or police accountability and see if they would be interested in

supporting the ordinance. Ask them to spread the word with their constituents. Find out if they

would be willing to testify in support of the ordinance.

Talk with law enforcement. Set up meetings with law enforcement to discuss the ordinance.

Find out what procedures they usually follow when acquiring new technology or what types of

procedures and policies they currently have in place for using surveillance equipment. Try to

learn what concerns they may have, and discuss workable solutions.

9

THE MODEL ORDINANCE

BE IT ORDAINED BY THE [___________] AS FOLLOWS:

Section 1. The Council finds that technological advances have provided new equipment that can be used

for surveillance purposes. The Council finds that while surveillance equipment may help promote public

safety in some contexts, the benefits of such technologies should be balanced with the need to protect

privacy and anonymity, free speech and association, and equal protection. The Council finds that the

[City/County] should be judicious in its use of surveillance equipment to avoid creating a constant and

pervasive surveillance presence in public life. The Council also finds that public review and oversight of

new surveillance technologies is fundamental to minimizing the risks posed by such technologies. The

Council therefore finds that all [City/County] departments should seek approval from the Council prior to

the acquisition and use of certain surveillance equipment and services and should also propose specific

protocols for Council review that address how such equipment will be used and how the data it produces

will be retained, stored and accessed.

Section 2. The following definitions apply to this Chapter:

(1) "Data management protocols" means procedures governing how data collected by

surveillance equipment and services will be retained, stored, indexed, accessed and deleted. Information

comprising data management protocols includes, at a minimum, the information required in Section 6.

(2) "Operational protocols" means procedures governing how and when surveillance

equipment and services may be used and by whom. Information comprising operational protocols

includes, at a minimum, the information required in Section 5.

(3) "Surveillance equipment or services" means:

(a) Electronic, mechanical or other devices capable of systematically collecting,

storing and transmitting data, including information, images, videos, photographs or audio, used by or at

the direction of a [City/County] department for the purposes of monitoring, observing or analyzing

individuals or groups of individuals regardless of whether such data is obscured, de-identified or

anonymized before or after collection.

(b) Services provided to a [City/County] department by a third party that result in the

acquisition of data, including information, images, video, photographs or audio, by the [City/County]

department to be used for the purpose of monitoring, observing or analyzing individuals or groups of

individuals regardless of whether such data is obscured, de-identified or anonymized before or after

acquisition.

Section 3. Any [City/County] department intending to acquire new surveillance equipment or services

shall obtain Council approval via ordinance prior to acquisition. A department seeking to acquire

surveillance equipment or services shall submit to the Council a detailed statement of the type of

surveillance equipment or services to be acquired along with a set of operational protocols and data

management protocols applicable to the use of such surveillance technology or services.

Section 4. Any [City/County] department intending to (a) use previously acquired surveillance equipment

or services in a manner or for a purpose not previously disclosed in the operational protocols for such

surveillance equipment or services or (b) use previously acquired electronic equipment or third party

services in a manner that places such equipment or services within the definition of surveillance

equipment or services, shall obtain Council approval via ordinance prior to beginning the new use. A

department seeking approval for a new use shall submit to the Council a statement of the new use and a

new set of operational protocols and data management protocols for such new use.

10

Section 5. In requesting approval for the acquisition or new use of surveillance equipment or services,

[City/County] departments shall include proposed operational protocols containing the following

information for the Council's consideration, along with any other information specifically requested by

the Council:

(1) A clear statement describing the purpose and use of the proposed surveillance equipment

or services.

(2) The intended specific location of the surveillance equipment if affixed to a building or

other structure, or the boundaries of the area where mobile surveillance equipment or services will be

used.

(3) How and when a department proposes to use the surveillance equipment or services, such

as whether the equipment or services will be operated continuously or used only under specific

circumstances, and whether the equipment or services will be installed or used permanently or

temporarily.

(4) A description of the privacy and anonymity rights affected and a mitigation plan

describing how the department's use of the surveillance equipment or services will be regulated to protect

privacy, anonymity, and limit the risk of potential abuse.

(5) The extent to which activity will be monitored in real time as data is being captured and

the extent to which monitoring of historically recorded information will occur.

(6) A public outreach plan for each community in which the department intends to use the

surveillance equipment or services that provides public disclosure of the new surveillance equipment or

the terms of the services agreement and includes opportunity for public meetings, a public comment

period, and written agency response to these comments.

(7) If a department intends to share access to the surveillance equipment or services or the

collected data with any other government department or entity, it shall set forth which departments or

entities are approved for sharing, how such sharing is required for the stated purpose and use of the

surveillance equipment or services and the process by which future sharing agreements will be approved

by the department and by the Council.

(8) If more than one department will have access to the surveillance equipment or services or

collected data, a lead department shall be identified that is responsible for maintaining the equipment or

services relationship and ensuring compliance with all related protocols. If the lead department intends to

delegate any related responsibilities to other departments or [City/County] personnel, these

responsibilities and associated departments and personnel shall be clearly identified.

(9) A plan for maintaining the security and integrity of the surveillance equipment, including

an identification of the parties or personnel responsible for the installation or application of hardware

and/or software updates and patches, and the procedures by which the lead department will present any

substantive changes in the functionality to the Council for approval.

(10) A description of the training to be provided to operators or users of the surveillance

equipment or services.

Section 6. In requesting approval for acquisition or new use of surveillance equipment or services,

[City/County] departments shall include proposed data management protocols containing the following

information for the Council's consideration, along with any other information specifically requested by

the Council:

(1) The time period for which any data collected by surveillance equipment or services will

be retained.

(2) A description of how and when the data will be retained.

(3) The methods for storing collected data, including how the data is to be labeled or

indexed. Such methods must allow for the department personnel and the [City/County] Auditor's Office to

11

readily search and locate specific data that is collected and determine with certainty that data was properly

deleted, consistent with applicable law.

(4) A description of who will have access to the data captured or provided by the

surveillance equipment or service, including who will be responsible for authorizing access, who will be

allowed to request access, and acceptable reasons for requesting access.

(5) A viewer's log or other comparable method to track viewings of any data captured,

collected or provided by the surveillance equipment or services, including the date, time, the individuals

involved, and the reason(s) for viewing the records.

(6) A description of the individuals who have authority to obtain copies of the records and

how the existence and location of copies will be tracked.

(7) A general description of the system that will be used to store the data.

(8) A description of the unit or individuals responsible for ensuring compliance with Sections

5 and 6 and when and how compliance audits will be conducted.

Section 7. Each [City/County] department operating or using surveillance equipment or services prior to

the effective date of this ordinance shall propose written operational protocols consistent with Section 5

and written data management protocols consistent with Section 6 no later than sixty days following the

effective date of this ordinance for Council review and approval by ordinance. If Council has not

approved or requested modification to the proposed operational and data management protocols within

sixty days of their submission to the Council, the [City/County] department shall cease their use of the

surveillance equipment or services.

Section 8. Following one year after the effective date of this ordinance, the Council will review its

implementation as it applies to [City/County] department use of surveillance equipment or services.

Section 9. Not later than January 15 of each year, the Council shall release a public report containing the

following information for the proceeding calendar year:

(1) The number of requests for approval submitted to the Council under this ordinance for

the acquisition or new use of surveillance equipment or services.

(2) The number of times the Council approved requests submitted under this ordinance for

the acquisition or new use of surveillance equipment or services.

(3) The number of times the Council rejected requests submitted under this ordinance for the

acquisition or new use of surveillance equipment or services.

(4) The number of times the Council requested changes be made to operational protocols or

data management protocols before approving the acquisition or new use of surveillance

equipment or services.

Section 10. Any information obtained using surveillance equipment or services that was not approved in

accordance with this ordinance must be deleted as soon as possible, and may not be used, copied, or

disclosed for any purpose.

Section 11. Any person who violates the provisions of this ordinance shall be subject to legal action for

damages or equitable relief, to be brought by any other person claiming that a violation of this statute has

injured his business, his person, or his reputation. A person so injured shall be entitled to actual damages,

including mental pain and suffering endured by him on account of violation of the provisions of this

chapter, and a reasonable attorney's fee and other costs of litigation.

Section 12. Any [City/County] personnel who violates policies contained in this ordinance, or any

implementing rule or regulation, may be subject to disciplinary proceedings and punishment. For

12

[City/County] personnel who are represented under the terms of a collective bargaining agreement, this

section prevails except where it conflicts with the collective bargaining agreement, any memorandum of

agreement or understanding signed pursuant to the collective bargaining agreement, or any recognized

and established practice relative to the members of the bargaining unit.

i

APPENDIX A

List of Potential Surveillance Equipment

Automated license plate readers (ALPR)

Audio recorders

Cell phone tracking devices

Fingerprint scanners

GPS tracking devices

Gunshot detectors

Keystroke logging devices

Network sniffers

RFID readers

Stingrays

Thermal imaging devices

Unmanned aerial vehicles (drones)

Video cameras (both fixed and mobile)